- Funds worth over $100 million were returned by the exploiter at press time.
- DeFi protocols have lost more than $240 million in 2023 due to hacks.
The $197-million Euler Finance exploit has been getting more dramatic with each passing day. More than 50% of the stolen funds have been returned as per the latest update on the biggest decentralized finance hack of 2023.
On 25 March, around 51,000 Ether [ETH] worth over $89 million was sent from the Euler Finance hacker’s address back to the deployer address. Hours later, a second transfer of 7737 ETH, equating to about $13 million, was carried out by the exploiter.
A week ago, the hacker sent 3,000 ETH to the lending protocol, worth nearly $5.4 million at that time. The hacker still controlled some amount of stolen funds at the time of writing.
Another 7737 Eth from Euler exploiter to Euler finane, but using 0x46e0Be2DF97dAc791fC8e30Cf2b2E4f58c50Cf55 as an intermediary pic.twitter.com/ugPFmohInX
— BlockSec (@BlockSecTeam) March 25, 2023
The Ethereum-based DeFi protocol was targeted by a flash loan attack on 13 March when the hacker managed to drain out assets worth $197 million in Dai, USD CoiN [USDC], staked Ether [StETH], and wrapped
Euler announced a $1 million bounty for any information about the hacker after attempts at finding a middle ground failed.
However, in an on-chain message to Euler on 20 March, the hacker said they now want to “come to an agreement” with the lending protocol.
‘DeFi’ant amidst dangers
DeFi protocols have witnessed remarkable growth since 2021, with funds deposited on their smart contracts increasing by leaps and bounds.
However, with the expansion in liquidity, they have also managed to grab the attention of unscrupulous players.
According to DeFiLlama, the total value hacked at the time of writing was $6.45 billion. DeFi protocols lost more than $3 billion in 2022, which was the worst year on record.
While there was a considerable lull during the months of December and January, hackers returned to deal a severe blow to the DeFi industry.
In February, seven protocols were attacked, which led to $21 million of funds being stolen. One of the biggest was the flash loan reentrancy attack on Platypus Finance where hackers managed to siphon off $8.5 million.
Notably, 16% of the hacks were attributed to the compromise of private keys. And nearly 8% of the funds were hacked when the protocols fell victim to access control exploits.